Rootless tripping on itself

Discussion in 'OS X El Capitan (10.11)' started by bisserwesser, Aug 4, 2015.

  1. bisserwesser macrumors newbie

    Jul 10, 2015
    I get this scrolling by in the verbose startup dialog after all el capitan updates:

    Aug 4 21:12:44 localhost kernel[0]: Sandbox: launchd(1) System Policy: deny(1) file-write-unlink /private/var/run/dyld_shared_cache_x86_64
    Aug 4 21:12:44 localhost kernel[0]: Sandbox: launchd(1) System Policy: deny(1) file-write-flags /private/var/run/
    Aug 4 21:12:24 localhost[1]: Failed to remove file or directory: name = dyld_shared_cache_x86_64, error = 1: Operation not permitted. Further logging suppressed.

    From what I understand, these files should be copied from /var/db/dyld to /var/run, but since not even root can delete these files, old caches lie around in that directory:

    -rw-r--r-- 1 root daemon 3 4 Aug 21:12
    -rw-r--r-- 1 root wheel 437135970 9 Jul 22:12 dyld_shared_cache_x86_64
    -rw-r--r-- 1 root wheel 98849 9 Jul 22:12

    Of course you can't delete them with sudo either.

    How does this affect the system, though?
  2. xgman macrumors 601


    Aug 6, 2007
    The first thing I will do upon installing EC is to disable rootless.
  3. leman macrumors G3

    Oct 14, 2008
    If you think that this causes any problems, submit a radar. Its probably entirely harmless. There are a lot of obsolete things hanging around the OS, that will fire an occasional warning or debug message.

    At any rate, these files are constantly being modified on my system. This means that the kernel has all the write access to it that it needs. All in all, system integrity protection is a great feature which is long overdue.
  4. bisserwesser thread starter macrumors newbie

    Jul 10, 2015
    Nothing can delete those files, even after disabling rootless. The kernel does not have access either, that is why these messages are generated.
  5. thejohnhoffer macrumors newbie


    Oct 8, 2016
    Hi- did anyone ever end up solving this? I'm considering disabling rootless just to eliminate some of these excess console messages so I can find the source of the actual boot problem I'm looking for.

Share This Page